Add storage backed token source #63
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
andrewhowdencom
force-pushed
the
add-filesystem-backed-token-refresher
branch
from
77be1ae
to
7477cf0
Compare
andrewhowdencom
force-pushed
the
add-filesystem-backed-token-refresher
branch
from
7477cf0
to
fbac5d8
Compare
In order to have a client application persist through multiple invocations (essentially the requirement for a CLI application), the token needs to be stored outside the application in some persistence. This commit provides that persistence. The general design of this work is to wrap a token source, and if underlying token source changes, then write that token back to storage. Then, whenever the application is reloaded, refresh the token source being used with whatever was in the cache. This also means that there needs to be something that "seeds" the cache; for example, if the user doesn't actually have authentication just yet. To address this, a new primitive called a "Seed function" (essentially the actual authenticatino process rather than refresh) was created. This allows plugging in the auth to the token refresh cycle. == Design Notes === Storage Implementations The primary storage implementation is a file, intended to be used with a path supplied by the XDG library. This would allow storing tokens in ~/.local/share/x40/.token.json, which is a logical place for them. There's also an implementation in memory (called "Test"), designed for ... well, testing. There's not really a limit to what other interfaces can be provided in future — I'd probably try and write a BoltDB one if this filesystem one proved buggy (so as to defer the hard™ parts to boltdb). === NewCacheSource The signature for new cache source is complicated. The problem is testability — the underlying oauth library has a bunch of stuff private, which prevents assertions about its state or reuse within tests.
andrewhowdencom
force-pushed
the
add-filesystem-backed-token-refresher
branch
from
fbac5d8
to
ccc875f
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In order to have a client application persist through multiple invocations (essentially the requirement for a CLI application), the token needs to be stored outside the application in some persistence. This commit provides that persistence.
The general design of this work is to wrap a token source, and if underlying token source changes, then write that token back to storage. Then, whenever the application is reloaded, refresh the token source being used with whatever was in the cache.
This also means that there needs to be something that "seeds" the cache; for example, if the user doesn't actually have authentication just yet. To address this, a new primitive called a "Seed function" (essentially the actual authenticatino process rather than refresh) was created. This allows plugging in the auth to the token refresh cycle.
== Design Notes
=== Storage Implementations
The primary storage implementation is a file, intended to be used with a path supplied by the XDG library. This would allow storing tokens in ~/.local/share/x40/.token.json, which is a logical place for them.
There's also an implementation in memory (called "Test"), designed for ... well, testing. There's not really a limit to what other interfaces can be provided in future — I'd probably try and write a BoltDB one if this filesystem one proved buggy (so as to defer the hard™ parts to boltdb).
=== NewCacheSource
The signature for new cache source is complicated. The problem is testability — the underlying oauth library has a bunch of stuff private, which prevents assertions about its state or reuse within tests.